Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Bronze

sequence number for access list in in ios 12.3

Hi every body!

My book shows following:

show ip access-list 24

10 permit 10.1.1.10,wildcard bits 0.0.0255

20 permit 1.1.1.0 wildcard bits, 0.255.255.255

My question are the sequence numbers multiples of 10 for extended access list as well by default ?

My book shows editing of acl by giving following example.

r1( config -std-nacl)# 5 deny 10.1.1.1

Show ip access-list 24

5 deny 10.1.1.1

10 permit 10.1.1.10,wildard bits 0.0.0.255

20 permit 1.1.1.0 wildcard bits 0.255.255.255

My question are what are valid sequence numbers? Can i use " 1 deny 10.1.1.1" instead of " 5 deny 10.1.1.1'' ?

Thanks a lot!

3 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Blue

Re: sequence number for access list in in ios 12.3

Sarah

Yes they go up in multiples of 10 so it leaves you space to insert new lines.

Yes you can use any number between 1 & 10 - all numbers are valid.

Jon

Hall of Fame Super Silver

Re: sequence number for access list in in ios 12.3

It is my experience that access lists, both standard and extended, default to sequence numbering by 10. The support for sequence numbering varies by release and by type of access list, with named access lists supporting sequencing before it was supported in numbered access lists. So the support for sequencing may vary depending on what version of IOS you are running.

As far as I know the sequence of 1 would work just as well as the sequence of 5.

HTH

Rick

Hall of Fame Super Bronze

Re: sequence number for access list in in ios 12.3

Sarah,

The default sequence of 10 is a good value as it allows you to integrate additional ACEs in between after they were initially entered.

For instance, based on your example:

5 deny 10.1.1.1

10 permit 10.1.1.10,wildard bits 0.0.0.255

20 permit 1.1.1.0 wildcard bits 0.255.255.255

I can add another ACE, between 10 and 20 by entering

15 permit x.x.x.x wildcard bits x.x.x.x

HTH,

__

Edison.

3 REPLIES
Hall of Fame Super Blue

Re: sequence number for access list in in ios 12.3

Sarah

Yes they go up in multiples of 10 so it leaves you space to insert new lines.

Yes you can use any number between 1 & 10 - all numbers are valid.

Jon

Hall of Fame Super Silver

Re: sequence number for access list in in ios 12.3

It is my experience that access lists, both standard and extended, default to sequence numbering by 10. The support for sequence numbering varies by release and by type of access list, with named access lists supporting sequencing before it was supported in numbered access lists. So the support for sequencing may vary depending on what version of IOS you are running.

As far as I know the sequence of 1 would work just as well as the sequence of 5.

HTH

Rick

Hall of Fame Super Bronze

Re: sequence number for access list in in ios 12.3

Sarah,

The default sequence of 10 is a good value as it allows you to integrate additional ACEs in between after they were initially entered.

For instance, based on your example:

5 deny 10.1.1.1

10 permit 10.1.1.10,wildard bits 0.0.0.255

20 permit 1.1.1.0 wildcard bits 0.255.255.255

I can add another ACE, between 10 and 20 by entering

15 permit x.x.x.x wildcard bits x.x.x.x

HTH,

__

Edison.

136
Views
0
Helpful
3
Replies
CreatePlease to create content